Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33372e3233392e302f32342d3234203d3e203239383032.roa
File: 3139332e33372e3233392e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: wGmNxYKcrotpYfYvs90YvBFOmfPXjgy28rcF/tNkujU=
Subject key identifier: 38:2F:45:0A:5A:8E:51:EC:5D:13:85:27:5D:7D:11:EA:70:8B:83:30
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 42C057E749BF442BF0F8F3FE29EEA09418F96846
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33372e3233392e302f32342d3234203d3e203239383032.roa
Signing time: Fri 27 Sep 2024 07:35:09 +0000
ROA not before: Fri 27 Sep 2024 07:30:09 +0000
ROA not after: Fri 26 Sep 2025 07:35:09 +0000
asID: 29802
IP address blocks: 193.37.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:c0:57:e7:49:bf:44:2b:f0:f8:f3:fe:29:ee:a0:94:18:f9:68:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Sep 27 07:30:09 2024 GMT
Not After : Sep 26 07:35:09 2025 GMT
Subject: CN=382F450A5A8E51EC5D1385275D7D11EA708B8330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b5:e1:32:79:11:3f:fb:ad:ae:a0:d7:a3:47:
ba:37:51:79:c0:d0:e2:1c:57:7c:b9:4f:d6:e2:b0:
42:3e:69:0d:83:c0:5d:bc:4d:5d:f6:d3:a8:d6:62:
49:cc:4b:7d:f4:3c:c3:47:ca:2b:16:e4:5e:c6:dd:
26:5e:ae:15:85:52:58:ed:0f:a3:ab:7b:4d:79:14:
75:74:db:e1:a9:4f:80:4d:42:a0:f0:9d:8f:bf:c7:
b3:f4:bf:de:c9:6c:05:49:a5:cc:ff:f6:ef:a5:71:
0c:ba:a0:03:96:0b:20:7d:1e:25:53:9d:ee:12:a2:
1d:dd:25:d7:77:a2:da:07:d3:ed:e4:42:93:57:3c:
6e:5c:1f:9b:c2:56:b5:21:8d:54:80:98:b2:57:e5:
16:64:49:ae:55:81:19:dd:32:ba:d7:01:72:68:a1:
8e:70:89:76:f7:fc:2b:4c:6f:f0:6b:e1:30:47:14:
cc:9d:4e:c2:61:1f:62:5e:69:53:44:18:3b:1c:76:
f6:52:0e:93:e7:02:6f:1d:27:c1:7a:2b:ed:5d:48:
2a:22:18:37:67:33:3d:09:af:1a:7f:ea:bd:78:a5:
1e:13:fd:63:e7:cb:1f:a8:1a:cc:8c:1b:2d:64:3f:
3c:96:79:66:8e:94:ac:f8:07:66:9d:87:77:6a:5d:
61:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:2F:45:0A:5A:8E:51:EC:5D:13:85:27:5D:7D:11:EA:70:8B:83:30
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33372e3233392e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.239.0/24
Signature Algorithm: sha256WithRSAEncryption
38:25:f9:83:47:19:b8:4d:84:b9:f5:c1:48:b4:38:1c:5a:4e:
ee:9a:dd:0b:70:cd:24:99:84:a5:6a:91:ef:bf:a6:19:e2:5b:
03:e3:64:ce:37:ed:3d:91:1c:0d:b7:de:f8:d4:67:c0:3c:2e:
49:90:60:5b:b5:79:db:ad:79:9e:03:a3:71:93:f3:2b:a0:09:
81:c2:16:e6:40:32:1c:5e:bf:5f:ff:45:b6:5d:b8:f2:0c:81:
4c:36:71:5d:da:aa:0a:45:90:1d:13:e6:8e:e9:3a:30:fa:20:
35:a0:af:e7:6b:27:27:f8:1a:bb:be:74:c8:38:1a:35:ef:c5:
be:92:97:20:35:d1:b4:f5:84:95:79:34:41:66:f1:7f:e1:42:
4a:14:80:46:9c:32:b8:70:eb:24:49:89:b6:cc:95:fc:35:88:
56:ff:99:52:57:50:dd:14:5b:18:5f:e7:0c:96:3d:61:84:f3:
60:8d:90:b2:77:09:58:ad:24:4b:2d:9c:6f:c5:87:b9:86:27:
03:ef:30:c3:4a:0f:95:c7:06:22:92:af:21:03:d6:ed:47:a9:
1d:19:e3:a1:5d:7d:2f:6e:c6:7a:ea:4c:46:a5:1b:a8:af:52:
13:55:1b:3d:be:a2:43:aa:4f:e6:23:b6:9f:da:ab:f3:cc:58:
b3:e9:02:f5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQsBX50m/RCvw+PP+Ke6glBj5aEYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA5MjcwNzMwMDlaFw0yNTA5MjYwNzM1MDlaMDMxMTAvBgNV
BAMTKDM4MkY0NTBBNUE4RTUxRUM1RDEzODUyNzVEN0QxMUVBNzA4QjgzMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcteEyeRE/+62uoNejR7o3UXnA
0OIcV3y5T9bisEI+aQ2DwF28TV3206jWYknMS330PMNHyisW5F7G3SZerhWFUljt
D6Ore015FHV02+GpT4BNQqDwnY+/x7P0v97JbAVJpcz/9u+lcQy6oAOWCyB9HiVT
ne4Soh3dJdd3otoH0+3kQpNXPG5cH5vCVrUhjVSAmLJX5RZkSa5VgRndMrrXAXJo
oY5wiXb3/CtMb/Br4TBHFMydTsJhH2JeaVNEGDscdvZSDpPnAm8dJ8F6K+1dSCoi
GDdnMz0Jrxp/6r14pR4T/WPnyx+oGsyMGy1kPzyWeWaOlKz4B2adh3dqXWEjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOC9FClqOUexdE4UnXX0R6nCLgzAwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzOTMzMmUzMzM3MmUzMjMz
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wSXvMA0GCSqGSIb3DQEBCwUAA4IBAQA4JfmDRxm4TYS59cFItDgcWk7umt0LcM0k
mYSlapHvv6YZ4lsD42TON+09kRwNt9741GfAPC5JkGBbtXnbrXmeA6Nxk/MroAmB
whbmQDIcXr9f/0W2XbjyDIFMNnFd2qoKRZAdE+aO6Tow+iA1oK/naycn+Bq7vnTI
OBo178W+kpcgNdG09YSVeTRBZvF/4UJKFIBGnDK4cOskSYm2zJX8NYhW/5lSV1Dd
FFsYX+cMlj1hhPNgjZCydwlYrSRLLZxvxYe5hicD7zDDSg+VxwYikq8hA9btR6kd
GeOhXX0vbsZ66kxGpRuor1ITVRs9vqJDqk/mI7af2qvzzFiz6QL1
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:50:16 2025 by rpki-client